Search criteria
9 vulnerabilities found for befsr11 by linksys
VAR-200212-0041
Vulnerability from variot - Updated: 2025-04-03 22:38Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. Linksys EtherFast routers is a small four-port router designed to optimize the use of DSL or Cable connections.
This vulnerability is not present in other versions of firmware. EtherFast BEFSRU31 Router is prone to a remote security vulnerability. A remote attacker gains access
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"db": "BID",
"id": "89532"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89532"
}
],
"trust": 0.3
},
"cve": "CVE-2002-2159",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2159",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-6542",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2159",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-842",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-6542",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6542"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access. Linksys EtherFast routers is a small four-port router designed to optimize the use of DSL or Cable connections. \n\n\u00a0This vulnerability is not present in other versions of firmware. EtherFast BEFSRU31 Router is prone to a remote security vulnerability. A remote attacker gains access",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2159"
},
{
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"db": "BID",
"id": "89532"
},
{
"db": "VULHUB",
"id": "VHN-6542"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-2159",
"trust": 2.6
},
{
"db": "BID",
"id": "4987",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-2861",
"trust": 0.6
},
{
"db": "XF",
"id": "9330",
"trust": 0.6
},
{
"db": "BID",
"id": "89532",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-6542",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"db": "VULHUB",
"id": "VHN-6542"
},
{
"db": "BID",
"id": "89532"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"id": "VAR-200212-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6542"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:38:26.463000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/4987"
},
{
"trust": 2.0,
"url": "http://www.securiteam.com/securitynews/5op022k7ge.html"
},
{
"trust": 2.0,
"url": "http://www.iss.net/security_center/static/9330.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6542"
},
{
"db": "BID",
"id": "89532"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"db": "VULHUB",
"id": "VHN-6542"
},
{
"db": "BID",
"id": "89532"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-06-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6542"
},
{
"date": "2002-12-31T00:00:00",
"db": "BID",
"id": "89532"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-06-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-2861"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-6542"
},
{
"date": "2002-12-31T00:00:00",
"db": "BID",
"id": "89532"
},
{
"date": "2006-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-842"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LinkSys EtherFast Router Remote Management Activation Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-2861"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-842"
}
],
"trust": 0.6
}
}
VAR-200211-0060
Vulnerability from variot - Updated: 2025-04-03 22:26Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces.
The router's WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device.
An attacker can submit a request with a password field containing a long string to the router's WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function.
The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. Rebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200211-0060",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": "1.4.2.7"
},
{
"model": "hpro200",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befw11s4",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr81 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befw11s4",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex S. Harasic\u203b aharasic@terra.cl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1312",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-15339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5697",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1312",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5697",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. Linksys has developed a variety of broadband router devices, including BEFW11S4, BEFSRU31, etc., which all include WEB management interfaces. \n\n\u00a0The router\u0027s WEB management interface incorrectly handles long passwords. Remote attackers can use this vulnerability to perform buffer overflow attacks and crash the device. \n\n\u00a0An attacker can submit a request with a password field containing a long string to the router\u0027s WEB management interface system. When the device attempts to process this malformed input request, it can cause the device to crash. Need to restart to resume normal function. \n\n\u00a0The remote management interface is not enabled by default. Multiple Linksys devices lack proper handling of very long GET requests. Because the device does not adequately allocate memory buffers, an attacker can exploit this vulnerability to send a very long GET request to a Linksys device that has this vulnerability. \nRebooting the device is necessary to restore functionality. This may allow an attacker to change configuration information on the vulnerable device",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
},
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1312",
"trust": 2.6
},
{
"db": "BID",
"id": "6301",
"trust": 2.6
},
{
"db": "BID",
"id": "6208",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2002-4108",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2013-15339",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20021119 DENIAL OF SERVICE VULNERABILITY IN LINKSYS CABLE/DSL ROUTERS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021202 CORE-20021005: VULNERABILITY REPORT FOR LINKSYS DEVICES",
"trust": 0.6
},
{
"db": "XF",
"id": "10654",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5697",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"id": "VAR-200211-0060",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"last_update_date": "2025-04-03T22:26:24.639000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Multiple Linksys Device GET Request Remote Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/41776"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6208"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6301"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"trust": 1.6,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103893609009727\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/10654"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.evansconforti.com/befw11s4"
},
{
"trust": 0.3,
"url": "/archive/1/300836"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=36\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
},
{
"trust": 0.1,
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026amp;idxseccion=10"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"db": "VULHUB",
"id": "VHN-5697"
},
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2002-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2002-11-20T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2002-11-20T00:00:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2002-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"date": "2002-11-20T05:00:00",
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-11-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2002-4108"
},
{
"date": "2013-12-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15339"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-5697"
},
{
"date": "2009-07-11T19:16:00",
"db": "BID",
"id": "6208"
},
{
"date": "2002-12-03T00:00:00",
"db": "BID",
"id": "6301"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200211-037"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1312"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Linksys Device Password Field Buffer Overflow Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2002-4108"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6208"
},
{
"db": "BID",
"id": "6301"
},
{
"db": "CNNVD",
"id": "CNNVD-200211-037"
}
],
"trust": 1.2
}
}
VAR-200408-0079
Vulnerability from variot - Updated: 2025-04-03 22:26DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. Linksys has a variety of network equipment product lines.
Multiple Linksys devices have problems processing DHCP messages. Remote attackers can use this vulnerability to obtain sensitive information or conduct denial of service attacks on the device.
The built-in DHCP server of these devices has a security vulnerability. The DHCP server of these devices incorrectly processes BOOTP packets. When returning a BOOTP response, it fills some of the information in the memory into the BOOTP field, so the attacker can gain sensitivity by sniffing network communications. Information can also lead to a denial of service attack on the device by an attacker. When attempting to exploit this issue, it has been reported that a denial of service condition may occur, stopping legitimate users from using the device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsr11",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "wap55ag",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.0.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.40.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.45.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.44.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43.4"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befsx41",
"scope": "eq",
"trust": 1.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befsr41w",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befcmu10",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "rv082",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.3f"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.38.5"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.00.8"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "befvp41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "befsr41",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "befn2ps4",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "befsr81",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "befsru31",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "befcmu10",
"scope": null,
"trust": 0.9,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "befn2ps4",
"scope": null,
"trust": 0.6,
"vendor": "linksys",
"version": null
},
{
"model": "wrt54g",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "v2.02.00.8"
},
{
"model": "wpc300n wireless-n notebook adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "-4.100.15.5"
},
{
"model": "rv082",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befvp41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39.64"
},
{
"model": "etherfast befvp41 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsru31 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.44"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7"
},
{
"model": "etherfast befsr81 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "2.42.7.1"
},
{
"model": "etherfast befsr81 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.45.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.39"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.37"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.36"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.35"
},
{
"model": "etherfast befsr41 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.38.5"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.44"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.43"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.7"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.42.3"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.41"
},
{
"model": "etherfast befsr11 router",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40.2"
},
{
"model": "etherfast befn2ps4 router",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befvp41 .3f",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.40"
},
{
"model": "befsr81",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "befsr41w",
"scope": null,
"trust": 0.3,
"vendor": "linksys",
"version": null
},
{
"model": "etherfast befsr41 router",
"scope": "ne",
"trust": 0.3,
"vendor": "linksys",
"version": "1.05.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jon Hart\u203b warchild@spoofed.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0580",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0580",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9010",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0580",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-030",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9010",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. Linksys has a variety of network equipment product lines. \n\n\u00a0Multiple Linksys devices have problems processing DHCP messages. Remote attackers can use this vulnerability to obtain sensitive information or conduct denial of service attacks on the device. \n\n\u00a0The built-in DHCP server of these devices has a security vulnerability. The DHCP server of these devices incorrectly processes BOOTP packets. When returning a BOOTP response, it fills some of the information in the memory into the BOOTP field, so the attacker can gain sensitivity by sniffing network communications. Information can also lead to a denial of service attack on the device by an attacker. When attempting to exploit this issue, it has been reported that a denial of service condition may occur, stopping legitimate users from using the device",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0580"
},
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "VULHUB",
"id": "VHN-9010"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9010",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0580",
"trust": 2.6
},
{
"db": "BID",
"id": "10329",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "6325",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1010288",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11606",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2004-1417",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040607 LINKSYS BEFSR41 DHCP VULNERABILITY SERVER LEAKS NETWORK DATA",
"trust": 0.6
},
{
"db": "XF",
"id": "16142",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-77851",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "24115",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9010",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"id": "VAR-200408-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
}
],
"trust": 0.6353147
},
"last_update_date": "2025-04-03T22:26:17.776000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/10329"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/6325"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/alerts/2004/may/1010288.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/11606"
},
{
"trust": 1.6,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5ccreated=1086294093\u0026p_sid=pu1x1idh\u0026p_lva=\u0026p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9%20%5cjnbfcm93x2nudd02ntqmcf9wywdlpte%2a\u0026p_li="
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16142"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"trust": 0.3,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_created=1086294093\u0026p_sid=pu1x1idh\u0026p_lva=\u0026p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9jnbfcm93x2nudd02ntqmcf9wywdl"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/products/group.asp?grid=23"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "/archive/1/365319"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108662876129301\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026amp;p_%20%5ccreated=1086294093\u0026amp;p_sid=pu1x1idh\u0026amp;p_lva=\u0026amp;p_sp=cf9zcmnopszwx3nvcnrfynk9jnbfz3jpzhnvcnq9%20%5cjnbfcm93x2nudd02ntqmcf9wywdlpte%2a\u0026amp;p_li="
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"db": "VULHUB",
"id": "VHN-9010"
},
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-9010"
},
{
"date": "2004-05-13T00:00:00",
"db": "BID",
"id": "10329"
},
{
"date": "2004-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2004-1417"
},
{
"date": "2018-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-9010"
},
{
"date": "2015-03-19T09:44:00",
"db": "BID",
"id": "10329"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-030"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0580"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Linksys Device DHCP Information Leaks and Denial of Service Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2004-1417"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "10329"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-030"
}
],
"trust": 0.9
}
}
CVE-2002-2159 (GCVE-0-2002-2159)
Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-08-08 03:51
VLAI?
Summary
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4987"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4987"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4987"
},
{
"name": "http://www.securiteam.com/securitynews/5OP022K7GE.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2159",
"datePublished": "2005-11-16T21:17:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-08T03:51:17.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0580 (GCVE-0-2004-0580)
Vulnerability from cvelistv5 – Published: 2004-06-23 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li=",
"refsource": "CONFIRM",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10329"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0580",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-06-18T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0580 (GCVE-0-2004-0580)
Vulnerability from nvd – Published: 2004-06-23 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20%5Ccreated=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20%5CJnBfcm93X2NudD02NTQmcF9wYWdlPTE%2A\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10329"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li=",
"refsource": "CONFIRM",
"url": "http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=832\u0026p_%20\\created=1086294093\u0026p_sid=pU1X1idh\u0026p_lva=\u0026p_sp=cF9zcmNoPSZwX3NvcnRfYnk9JnBfZ3JpZHNvcnQ9%20\\JnBfcm93X2NudD02NTQmcF9wYWdlPTE*\u0026p_li="
},
{
"name": "linksys-etherfast-bootp-dos(16142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16142"
},
{
"name": "11606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11606"
},
{
"name": "6325",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6325"
},
{
"name": "1010288",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2004/May/1010288.html"
},
{
"name": "20040607 Linksys BEFSR41 DHCP vulnerability server leaks network data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108662876129301\u0026w=2"
},
{
"name": "10329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10329"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0580",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-06-18T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2159 (GCVE-0-2002-2159)
Vulnerability from nvd – Published: 2005-11-16 21:17 – Updated: 2024-08-08 03:51
VLAI?
Summary
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4987"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4987"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2159",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linksys-etherfast-admin-enabled(9330)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9330.php"
},
{
"name": "4987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4987"
},
{
"name": "http://www.securiteam.com/securitynews/5OP022K7GE.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5OP022K7GE.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2159",
"datePublished": "2005-11-16T21:17:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-08T03:51:17.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1312 (GCVE-0-2002-1312)
Vulnerability from nvd – Published: 2005-04-14 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021202 CORE-20021005: Vulnerability Report For Linksys Devices",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0022.html"
},
{
"name": "6208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6208"
},
{
"name": "6301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6301"
},
{
"name": "20021119 Denial of Service Vulnerability in Linksys Cable/DSL Routers",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=36\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10",
"refsource": "MISC",
"url": "http://www1.corest.com/common/showdoc.php?idx=276\u0026idxseccion=10"
},
{
"name": "linksys-etherfast-password-dos(10654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10654"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1312",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2002-11-18T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}